Password managers


#21

Been using OS X for nearly a decade now, and have never used Keychain. 1Password FTW, both on OS X & iOS (and when I used it, Android).


#22

Yeah, I’m using KeePassX, which is the OSX port of KeePass - works great and I like that I can copy the database between my desktop and phone to make it portable. Big fan.


#23

One of the reasons of the failure of OS/2 was its DOS and Windows 3.x support. Why purchase OS/2 programs when DOS and Windows programs run better in OS/2?


#24

This thread is making me reconsidering the use of Evernote, and switching over to something more secure.

Which app works on both Windows and Android, and will share the same database?


#25

Lastpass is your best bet for super easy coordination of the database


#26

Exactly my point.


#27

What made me reconsider the use of Evernote was their erosion of features on their free tier (I’ve never considered using it for password storage). Or worse, introducing new freemium companion app, then rolling it into the base product, EOLing the companion app, and eliminating the “free” part of freemium - basically turning users into beta testers and focus groups, then taking it all away.

Anything new goes into Notes.app now, and with the latest OS X update I hear tell that there’s even a way to import from Evernote into Notes.app - so I may just shove everything over there and toss Evernote altogether.


#28

I’m also a user of LastPass. I find it very handy; integrates well with Multifactor Auth and is available on all my devices…

Best of all, however, it was easy enough for my non-technical family to embrace. Bonus for the ability to share with them too…


#29

Can’t speak to anything but KeePass, but there are client flavors for Windows, Mac, Android, iOS… all using the same DB. That’s why I keep a copy in Dropbox… open the flavor client for the device I’m on, pull the password from the same DB.


#30

1Password does this as well.


#31

Okay, in the interests of science I’ve been trying LastPass for the last couple of days. As with everything there are pros and cons to both KeePass and LastPass.

Logging on to a site I’ve had mixed results with LastPass. If it works as it is supposed to then LastPass has a definite edge, but sometimes it just doesn’t log on properly. I’d call this one a tie.

Filling in web forms is a definite win for LastPass. KeePass allows you to create custom fields to store values, but you have to copy and paste each individual field. LastPass just auto-fills the lot.

Having said that, this shows one piece of functionality that I use in KeePass that is far superior to LastPass - custom fields. With KeePass, if you add a custom field, you can then right click the main entry & copy any custom field value. I use this for my bank two-factor grid data - where I will always have to fill in 3 values from a list of 49 possible values.
With LastPass the custom field functionality is all about auto-filling and just doesn’t do this.

The last area where KeePass is way better is that when you copy anything to the clipboard, it gets cleared out after 12 seconds. If you do the same with LastPass, whatever you copied to the clipboard stays there until something else overwrites it - meaning you can end up with a password in your clipboard for some considerable time.
This probably isn’t a deal breaker, but it is something to be aware of if you are doing something like logging in to Steam.

Overall, for my usage, I’d probably give the win to LastPass. This is a very close run thing though, and both will do the job nicely.
I don’t have any need for a password manager on my phone though, so I don’t have any knowledge of how LastPass goes there. As has been stated earlier, KeePass certainly can handle this.


#32

IMO, if you’re on OS X exclusively, you should be using 1Password. There is no comparison. It stomps everything else. Browser integration with FF, Chrome, and Safari is excellent and you can sync your vault using a bunch of different methods (I keep my vault in dropbox).

If, however, you’re cross-platform, look elsewhere. 1P has a Windows port, but it’s awful. It’s very, very different from the OS X app and it’s a giant pain in the ass to use. I don’t have a personal recommendation for Windows, but it looks like KeePass is the favorite in this thread. I’ve also heard very positive things about Dashlane.

@woodman, yes, the entire idea of having a password manager is to have a complex master password guarding ludicrously complex other passwords. Most will let you configure a timeout interval between how often you need to type your master password to unlock the application again, but keeping that interval longer than 10-15 minutes is pretty self-defeating, honestly. Get up and walk away and forget to lock the computer and you might as well just give your logins away.


#33

I’ll agree with Keeper that 1Password’s good, except I’ve never had any problems with it on the Windows side either. I have it on a Mac, a Windows PC, and iOS devices and it works great on all of them and keeps in sync (through an encrypted database I keep on Dropbox, but you can sync it other ways too). The only thing is it might seem a bit expensive if you’re jumping in. I bought it for one platform and then added it over time to others with upgrades so didn’t really mind the expense spread out.


#34

I think the windows version of the app is horrifyingly bad. I use it because I’ve already got a lifetime’s worth of stuff in the app, and when I’m on the gaming PC it’s handy to be able to log into stuff, but the windows version feels like a bad parody of the mac version.


#35

Just in case any of you are using LastPass…


#36

Hey, that’s the sort of thing I would have appreciated an email from LastPass about…


#37

Another problem with LastPass?


#38

Yeah, we opted for LastPass for my team, since KeyPass didn’t have any easy way to do DR… LastPass has web access, so if one of us is away from his normal machine he can still get to the password store.

I’m not especially fond of LastPass, and now… oh, well.


#39

I like it for the YubiKey 2FA integration and ease of use cross platform, but I am annoyed enough to reconsider.


#40

TBH, all of them have problems, and if you read Tavis’s Twitter feed he’s at least positive about how they respond.